Supply chain attacks on popular packages are becoming alarmingly common — from abandoned developer accounts being hijacked to inject malicious code, to maintainers burned out and handing projects to unreliable successors. Developers themselves aren’t immune to phishing, making the threat even more real. What can open source communities do — or what are they already doing — to stop these incidents? And with these rising risks, is the very model of open source development in danger? Join us as we explore these challenges from a developer’s point of view. Hosted by Sally Kleinfeldt